newyear2k24.jobfox.space Open in urlscan Pro
2606:4700:3034::6815:28f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newyear2k24.jobfox.space/
Effective URL:
https://newyear2k24.jobfox.space/
Submission: On December 31 via api (December 31st 2023, 2:02:52 pm UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 18 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3034::6815:28f, located in United States and belongs to CLOUDFLARENET, US. The main domain is newyear2k24.jobfox.space.
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.

This is the only time newyear2k24.jobfox.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3034::6815:28f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2 2	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:e99d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:ebd0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.96.147.102 66.96.147.102	29873 (BIZLAND-SD) (BIZLAND-SD)
1	2606:4700:440... 2606:4700:4400::ac40:98e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	173.233.139.164 173.233.139.164	7979 (SERVERS-COM) (SERVERS-COM)
1 1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
66	20

1 2606:4700:3030::ac43:814c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newyear2k24.jobfox.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::6815:28f (United States)

ASN13335 (CLOUDFLARENET, US)

newyear2k24.jobfox.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.248.10 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

click-it.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-04-08-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e99d (United States)

ASN13335 (CLOUDFLARENET, US)

toppng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ebd0 (United States)

ASN13335 (CLOUDFLARENET, US)

banner2.cleanpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.96.147.102 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 102.147.96.66.static.eigbox.net

www.latestworldevents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:98e0 (United States)

ASN13335 (CLOUDFLARENET, US)

static.vecteezy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.139.164 (United States)

ASN7979 (SERVERS-COM, US)

www.topcreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google.com 1 redirects drive.google.com — Cisco Umbrella Rank: 294 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	73 KB
16	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12342 doc-04-08-docs.googleusercontent.com — Cisco Umbrella Rank: 601391	698 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	274 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	10 KB
4	jobfox.space 1 redirects newyear2k24.jobfox.space	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	147 KB
2	bit.ly 2 redirects bit.ly — Cisco Umbrella Rank: 5695	494 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	31 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	10 KB
1	topcreativeformat.com www.topcreativeformat.com — Cisco Umbrella Rank: 230506
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11479	3 KB
1	vecteezy.com static.vecteezy.com — Cisco Umbrella Rank: 26630	126 KB
1	latestworldevents.com www.latestworldevents.com	138 KB
1	cleanpng.com banner2.cleanpng.com — Cisco Umbrella Rank: 105996	26 KB
1	toppng.com toppng.com — Cisco Umbrella Rank: 225383	143 KB
1	click-it.me click-it.me	3 KB
0	hindisahayata.com Failed newyear.hindisahayata.com Failed
66	18

	Domain	Requested by
15	blogger.googleusercontent.com	newyear2k24.jobfox.space
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	newyear2k24.jobfox.space pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	newyear2k24.jobfox.space	1 redirects newyear2k24.jobfox.space
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	newyear2k24.jobfox.space www.googletagmanager.com
2	bit.ly	2 redirects
2	cdnjs.cloudflare.com	newyear2k24.jobfox.space
1	www.google.com	tpc.googlesyndication.com
1	doc-04-08-docs.googleusercontent.com	newyear2k24.jobfox.space
1	drive.google.com	1 redirects
1	www.topcreativeformat.com	newyear2k24.jobfox.space
1	1.bp.blogspot.com	newyear2k24.jobfox.space
1	static.vecteezy.com	newyear2k24.jobfox.space
1	www.latestworldevents.com	newyear2k24.jobfox.space
1	banner2.cleanpng.com	newyear2k24.jobfox.space
1	toppng.com	newyear2k24.jobfox.space
1	click-it.me	newyear2k24.jobfox.space
1	ajax.googleapis.com	newyear2k24.jobfox.space
1	fonts.googleapis.com	newyear2k24.jobfox.space
0	newyear.hindisahayata.com Failed	newyear2k24.jobfox.space
66	23

This site contains links to these domains. Also see Links.

Domain
bit.ly
www.blogger.com

Subject Issuer	Validity	Valid
jobfox.space GTS CA 1P5	`2023-11-07` - `2024-02-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
toppng.com GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
cleanpng.com E1	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.latestworldevents.com R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
vecteezy.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
topcreativeformat.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://newyear2k24.jobfox.space/
Frame ID: 9123265424EB9245B8CA7E237F029D9B
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 4B3703CB7817C6CCD4626A056DE81FA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2398790697347443&output=html&adk=1812271804&adf=3025194257&lmt=1704023165&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewyear2k24.jobfox.space%2F%23&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704031365445&bpp=2&bdt=371&idt=197&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1549297402505&frm=20&pv=2&ga_vid=1374052067.1704031366&ga_sid=1704031366&ga_hid=1491403811&ga_fc=0&u_tz=60&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080103%2C42532523%2C44798934%2C95320884&oid=2&pvsid=27743298056044&tmod=2061234043&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: FC3C484BD4C5EFB6B487B97A5F406733
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2398790697347443&output=html&h=280&slotname=6153211313&adk=2540909569&adf=3501923860&pi=t.ma~as.6153211313&w=450&fwrn=4&fwrnh=100&lmt=1704023165&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2k24.jobfox.space%2F%23&ea=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704031365447&bpp=2&bdt=372&idt=215&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1549297402505&frm=20&pv=1&ga_vid=1374052067.1704031366&ga_sid=1704031366&ga_hid=1491403811&ga_fc=0&u_tz=60&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080103%2C42532523%2C44798934%2C95320884&oid=2&pvsid=27743298056044&tmod=2061234043&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=219
Frame ID: 6D264D6B0C9B220D210B5816F0423283
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2398790697347443&output=html&h=280&slotname=6153211313&adk=2540909569&adf=330102155&pi=t.ma~as.6153211313&w=450&fwrn=4&fwrnh=100&lmt=1704023165&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2k24.jobfox.space%2F%23&ea=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704031365449&bpp=1&bdt=374&idt=220&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=1549297402505&frm=20&pv=1&ga_vid=1374052067.1704031366&ga_sid=1704031366&ga_hid=1491403811&ga_fc=0&u_tz=60&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080103%2C42532523%2C44798934%2C95320884&oid=2&pvsid=27743298056044&tmod=2061234043&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=222
Frame ID: 493E92FB27E8FB754109BD4EEFB8E83F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA9FD4AB111D7B634E73915056DC2E47
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6987BE269469A39C9E21B86CD029F7C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

!! नवर्ष की शुभकामनायेें !!

Page URL History Show full URLs

http://newyear2k24.jobfox.space/ HTTP 301
https://newyear2k24.jobfox.space/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

94 %
HTTPS

86 %
IPv6

18
Domains

23
Subdomains

20
IPs

2
Countries

1716 kB
Transfer

2956 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/3EZj9vJ

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newyear2k24.jobfox.space/ HTTP 301
https://newyear2k24.jobfox.space/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://bit.ly/3KGhduf HTTP 301
https://click-it.me/slider.js

Request Chain 25

https://bit.ly/2VLMnaW HTTP 301
https://1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/wp.png

Request Chain 33

https://drive.google.com/uc?export=download&id=1S4nTTI2g1tIFITUGVAUajYAymlPw0247 HTTP 303
https://doc-04-08-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/u0et32e4vlp9ipuo5psll4igoglrqlve/1704031350000/01286243603303583280/*/1S4nTTI2g1tIFITUGVAUajYAymlPw0247?e=download&uuid=7db36048-9e79-4841-93c6-4dc57945b08c

66 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
newyear2k24.jobfox.space/
Redirect Chain

http://newyear2k24.jobfox.space/
https://newyear2k24.jobfox.space/

68 KB
12 KB

237ms
198ms

Document
text/html

2606:4700:3034::6815:28f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:28f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af3b84a5828f44624c38a2ecd7bc4035c5eb012db28cda287abc084119a01a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 83e30fde8b740496-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 14:02:45 GMT
expires: Sun, 31 Dec 2023 14:02:45 GMT
last-modified: Sun, 31 Dec 2023 11:46:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSwAh11mejB3MeMSImMpYJisyNlvmWeHqtWjnX%2BvZjYZ4dF4viiW5Si21B7j%2BZxPOZxHkPx%2F5BU17Zpt%2BAKHfqgHRMk3MLdyf0NddSMOu4S7XUCS3dbpHB9B4DEVGfnRo9sJmqajO93ltR24MY9cUe8qaDvZxvU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 83e30fde1a3a3ca4-CDG
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 31 Dec 2023 14:02:44 GMT
Expires: Sun, 31 Dec 2023 15:02:44 GMT
Location: https://newyear2k24.jobfox.space/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQC%2By%2FhxHubWwScdb%2B8c0hvyEqMHA4lhZYEkAoQrm7MaWRUGiR0pDkBk4oeMcyjcCrWJktipYp%2BApRv5yPLK4S%2FAGLcQRFyjWl15XmsFVsbjTwXP7PxcLViqhyMIk6DsPlLiRZPqZIpmZZPgDGToWj1AQlnVdEs%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 32ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2721380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTUhYZb%2BL3kPDyc7zCWo0vQCd05pHUApgUBRmZGRQVbN6YHoSo7z87RwbDXwpIQhqBjkPozY1dSkG1QuGoszZUvGiqF4aKMNwm0Y%2Ffi%2FlLCFQPuIbdnVqmkaUpIBt5BfG3IjmY52VOsWeP8qqURJVyeS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83e30fdfd9f0bbf7-FRA
expires: Fri, 20 Dec 2024 14:02:45 GMT

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
6 KB 31ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4623314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5884
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uIVorZ%2BCzexqxFACbvGCl%2FK%2BFkB%2Bp8QhHWwgjj33F1MuN2i4%2F%2F0e6P%2FenHL%2FnSbp18AmM1tM%2FpTPbw%2BC5ygPFcy5977RWJv9CBBHk%2BK94EPh0iOh5FzYcCSQzFX0J04HIa8GUs%2Bo4zCk2dZOQ8uf1gV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83e30fdfd9efbbf7-FRA
expires: Fri, 20 Dec 2024 14:02:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 562 B
776 B 58ms
23ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sofia:&effect=neon

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88509d73cf7a5f6a3a29da5299861b96db5451535f904d36f2d99d1888aaf42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 14:02:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 14:02:45 GMT

GET
H2 404 @@@@@@@@@@@@.js
newyear2k24.jobfox.space/ 0
0 162ms
162ms Script
text/html 2606:4700:3034::6815:28f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyear2k24.jobfox.space/@@@@@@@@@@@@.js

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:28f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FAkLl0D9OXX816BQBqc%2BAE6pUDvwTNYH1%2F0vD5NpVvfjy2jT05LYmSHLj8jiUZYVxdvxKS3HijRqrs9rFQfUGxYl%2F2Ns0FQedBdWN2DqK3FgFgamQOsmITBJYxmuTFtpN4LokNCO1UfpIOcymOXtMOmItoHIUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 83e30fdfed980496-CDG
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 106ms
65ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2398790697347443&host=ca-host-pub-1556223355139109

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc292fa10a6a49d665d0d563a66a4a30fd6d1c611728657476ee83abe2f5165e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
Origin: https://newyear2k24.jobfox.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51254
x-xss-protection: 0
server: cafe
etag: 18015147164156521230
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 14:02:45 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 84ms
23ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 00:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Dec 2024 00:13:44 GMT

GET
H2

200

slider.js Show response
click-it.me/
Redirect Chain

https://bit.ly/3KGhduf
https://click-it.me/slider.js

8 KB
3 KB

111ms
22ms

Script
application/x-javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click-it.me/slider.js
Requested by: Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/
Protocol: H2
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a02f27ea1425ac7f63aaa75c75a68ac10946afb1117db732203ac003b2cc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Nov 2019 05:01:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1560
etag: W/"2091-5ddcb19d-1ff37b;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ay4LyP7d53T2B4%2BbIuD9t3iGl6vTT5C5rr0A7KUp1GTNi1yvVwGPAJ3sEQ369TM96enTmo900w44sI17C3He561p6aR1H4pNpC66Q1n1YOvgCzGq4S2nf8GH86v0NYhkImSNSQtF2r9xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83e30fe18a4db8d9-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Dec 2023 14:36:04 GMT

Redirect headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-security-policy: referrer always;
referrer-policy: unsafe-url
via: 1.1 google
server: nginx
content-type: text/html; charset=utf-8
location: https://click-it.me/slider.js
cache-control: private, max-age=90
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116

GET
H2 200 root.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO6Rcaj93G921aABik5TEfqvhL3WRUKNtAMzLX1FB69-YzcO0DD5v6ux4tKnNPjtVjLus6EpmHYWCviTTp2XRTtHhz28voy8XJnmF7VOy5cORKFB9HMtpXNfq4Ty0h7bacdkI5Qb-GuzHi-teQ... 160 KB
161 KB 349ms
313ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO6Rcaj93G921aABik5TEfqvhL3WRUKNtAMzLX1FB69-YzcO0DD5v6ux4tKnNPjtVjLus6EpmHYWCviTTp2XRTtHhz28voy8XJnmF7VOy5cORKFB9HMtpXNfq4Ty0h7bacdkI5Qb-GuzHi-teQCSfw-N5e8t3mcCV3A09aJMfq2gbgG3Akc2UVwQIeAA/s1600/root.gif

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e4d309386e64dacedc265e5fdcf428a7f65e818fcbe30f9ad013b4d7154000bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v344"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="root.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164156
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 bg1.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaFnEZXIn0-XMbF-sOda8pFb7L98hgsza2jEj9BDncxZNYJerDCJ9gMLwxoUXmiJijRFOhtRAkLbfS5rJbZYYaKmSS5QjW18SGc79QxGT1AuKdQ9TZS6nLfyyAxzMyT_mVfFpU8OB-c8gITYyG... 64 KB
64 KB 380ms
344ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaFnEZXIn0-XMbF-sOda8pFb7L98hgsza2jEj9BDncxZNYJerDCJ9gMLwxoUXmiJijRFOhtRAkLbfS5rJbZYYaKmSS5QjW18SGc79QxGT1AuKdQ9TZS6nLfyyAxzMyT_mVfFpU8OB-c8gITYyG_bE6Q3gnYEFmAhO8xdopwakSvn7OAgTc4rcjom4Jpg/s1600/bg1.jpg

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9c71553c549f3818d8aa75cf93a9f4dc382e4fee8c2c1cebb3a18d43c314f60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v347"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bg1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65519
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 bg2.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEia7_d-EZcNA3uEd-l9lXywXnekDqM-HhfgViDNshDlaYcQk-0UfTOEvKSzT7BWXAgStlrQIVG5CkL4vXLMIYxAd-jO0RhHM6GpdBXJiFubByyhiRZ4DhMu0Ixx9UE4b04QpnzWCXwd61aoZKM4... 65 KB
65 KB 493ms
489ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEia7_d-EZcNA3uEd-l9lXywXnekDqM-HhfgViDNshDlaYcQk-0UfTOEvKSzT7BWXAgStlrQIVG5CkL4vXLMIYxAd-jO0RhHM6GpdBXJiFubByyhiRZ4DhMu0Ixx9UE4b04QpnzWCXwd61aoZKM4ZRl2qHPMgXCLUUFNabPibSaZ0qyaV79KjcyIBRrQJw/s1600/bg2.jpg

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a23997e184900307a38fe3ba9881d67aa460815d3b6d72d48f1287d0ad7a7cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v348"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bg2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66359
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 W.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcQ9fX4sboYaywfbn5SuCN2TRFCYXGAlxUHbe7PlXmcOMgf9kVmiHgHSLcrlhaBI-3l5RoYtOHTZo6vXwRo5nA8DFvApy_-KbgFBCl9N42uiixkm2QQDe-4Mw6Aq7hpBWdkf2smqIRH_Q4ZgZo... 5 KB
5 KB 483ms
480ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcQ9fX4sboYaywfbn5SuCN2TRFCYXGAlxUHbe7PlXmcOMgf9kVmiHgHSLcrlhaBI-3l5RoYtOHTZo6vXwRo5nA8DFvApy_-KbgFBCl9N42uiixkm2QQDe-4Mw6Aq7hpBWdkf2smqIRH_Q4ZgZoc9yXmbc9_ZTPud-rgIAPTkvlXZVkCe_QZl-CYSxgnw/s1600/W.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a421361ec7292bdf40357992e78e45569bde3b9c71a9eb0e6eeddd483baf8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v357"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="W.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5442
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 E.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuF5SeJKdhRN76jLGj9sJnCfJBfION2uuHWzeiSJ8M8fgFel_-NTYmrs38vqzNwSI7ZSIlj6OFRramcb6f-N3Q-7nWIDPtl1ucpE-QuRAsS2wDNqOre4yDi4WRfgWxtL6ZHmmIYI9MutUBP_IR... 906 B
1001 B 529ms
527ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuF5SeJKdhRN76jLGj9sJnCfJBfION2uuHWzeiSJ8M8fgFel_-NTYmrs38vqzNwSI7ZSIlj6OFRramcb6f-N3Q-7nWIDPtl1ucpE-QuRAsS2wDNqOre4yDi4WRfgWxtL6ZHmmIYI9MutUBP_IRxodqOm5SdEuGpBmjBd3ITl3x8m7Pi7YiUxhuOZW0-Q/s1600/E.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

256b0e54003f0c1a887b71a9e8554736194c0fbef3e9ba30e41eef3e75659318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v355"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="E.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 906
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 L.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7QLAXECVJxZAWbNeTYeooUjbs2V85vOroJUwS_zCoPpgmsmPvaeXOR5V4y8P1zvWoaMryZ4CM4MhGq2WL1zUzRxfb6jXVfp9Isa00gsdLJIh-AzkoZQN7Dh2-mCJxYfSpi3UvSkI3RZ6Fwc6W... 1 KB
1 KB 566ms
563ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7QLAXECVJxZAWbNeTYeooUjbs2V85vOroJUwS_zCoPpgmsmPvaeXOR5V4y8P1zvWoaMryZ4CM4MhGq2WL1zUzRxfb6jXVfp9Isa00gsdLJIh-AzkoZQN7Dh2-mCJxYfSpi3UvSkI3RZ6Fwc6W_qx56hsaUS7Hou9bTO2QJ2d4dj1PH_M6RSO74jvHYA/s1600/L.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3b5147b3b60a785aed44d4b17d93013bcdfdf02cf071cda79c6f4c25e7a7cdad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v356"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="L.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1061
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 C.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFtqrBPLEJ38nxpr1j7Vl2W3iiU2J9pv-gviFxvo8zEgNGeG8ScZ1giL4tZnSLq8FqsJmezFNbaWkxwOxhMY1651_maWDZ3ctCWY7SWfMlbaOT8jt0S-mhwZcUASUXkYrv3ja512x6aAAHliPf... 2 KB
2 KB 528ms
525ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFtqrBPLEJ38nxpr1j7Vl2W3iiU2J9pv-gviFxvo8zEgNGeG8ScZ1giL4tZnSLq8FqsJmezFNbaWkxwOxhMY1651_maWDZ3ctCWY7SWfMlbaOT8jt0S-mhwZcUASUXkYrv3ja512x6aAAHliPfbHyMeapOJsrrVFIJ2dSBEHcXLBc8nTKKUTy4jNNdbw/s1600/C.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9fa1d5e1716ecce83b163e7d1bf7317f89b925fa6b83e15f76e58f68c26d835f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v354"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="C.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2069
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 O.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjepA_cwo9d901eKzbmQyEymlz8eUom1KzL5H7bA7RE70rQtKyxjJ6LQEj3LkSJCmDOE_2c2HbqvZy5LTSrrrgNgVWt87Cf6QY2BDK43-pccRYKYBBi1leBfTgSS0x4KzO5rFSoNDlTE_M6NcD9... 2 KB
2 KB 477ms
474ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjepA_cwo9d901eKzbmQyEymlz8eUom1KzL5H7bA7RE70rQtKyxjJ6LQEj3LkSJCmDOE_2c2HbqvZy5LTSrrrgNgVWt87Cf6QY2BDK43-pccRYKYBBi1leBfTgSS0x4KzO5rFSoNDlTE_M6NcD95jJgFxB_fMUNBQtEY9dGMFHeQdDatT5QAdGB0BdNRg/s1600/O.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

24b314b1686b78bc15a623728c058476e3d40e4f3fd4f511d1bf0503a48a6877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v357"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="O.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2278
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 M.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZxlVzfuCbaDrCyp4lLZJiYBf8co3PnfJbewFwGakVDLspYdXTV01WNXjdmBL4dL-oFpO71OeiLbMH1ZVZoXkfd2r174id3PIpi78w-fTNfZdJsnUDSNhQwbtn6-e184umgpARqaccRw_KeKgS... 2 KB
2 KB 472ms
470ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZxlVzfuCbaDrCyp4lLZJiYBf8co3PnfJbewFwGakVDLspYdXTV01WNXjdmBL4dL-oFpO71OeiLbMH1ZVZoXkfd2r174id3PIpi78w-fTNfZdJsnUDSNhQwbtn6-e184umgpARqaccRw_KeKgSkUH4iBxIa2IlThTGN4c6ySfEOf_L0dbjevK5vbOzow/s1600/M.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5691a5f723d91077260a605e29da56c0b021b785e3fc8c4f135161f7a2153687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v357"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="M.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2274
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 2.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnTebTQwYaZORv76W3TL-m99uqCAWVy-VCUB_sUvTQCRpxVJ3FqCu___9ZyAr8SQOX2pXeF2ygOSkYPf2PBZeHf2yiS4kmlwwbRpG9auMr1u-MCO86DyaCi8SuyPXDq3nzOdKZa3w63px4WxLR... 3 KB
3 KB 487ms
485ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnTebTQwYaZORv76W3TL-m99uqCAWVy-VCUB_sUvTQCRpxVJ3FqCu___9ZyAr8SQOX2pXeF2ygOSkYPf2PBZeHf2yiS4kmlwwbRpG9auMr1u-MCO86DyaCi8SuyPXDq3nzOdKZa3w63px4WxLRv_z_2Wh-xGCMWmNXsK2NNHLPVMk_dk5eMgcEIYkmQQ/s1600/2.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce0f2d70d1c8186913dc30935561e7a18e5317d2c117c3245f63507267089f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v353"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2822
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 0.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjHN57rPz6E1xJ8hAdjMn8KXo5HhSXDP9FquMn4RjD9zsbfpjFBaMB76q0UJqsxbx0VuocH4s3PuUPVvg3GKnrSZVp8LieU4GJRzMjL2vRxgO_VoPSaVFCvGQl5p9rgR87DjsL_VpxvhNf5nHY... 3 KB
3 KB 530ms
528ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjHN57rPz6E1xJ8hAdjMn8KXo5HhSXDP9FquMn4RjD9zsbfpjFBaMB76q0UJqsxbx0VuocH4s3PuUPVvg3GKnrSZVp8LieU4GJRzMjL2vRxgO_VoPSaVFCvGQl5p9rgR87DjsL_VpxvhNf5nHYaJa4rDT0ysg5cKdq0uaizFxmWZvIxpe_anXm5V695A/s1600/0.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d32efacc869329b37e75d515507ec6639c20ed1c953b43ad56a5b36054239ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v352"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2787
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 toy-story-clipart-logo-toy-story-font-4-11562867770bgrzqvnccy.png
toppng.com/uploads/preview/ 142 KB
143 KB 137ms
84ms Image
image/png 2606:4700:3038::6815:e99d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://toppng.com/uploads/preview/toy-story-clipart-logo-toy-story-font-4-11562867770bgrzqvnccy.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:e99d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1e7e5a0cd52fe5f3e1dc69d858594d47d4ef227c24cbb81ce22585e00550b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
last-modified: Mon, 22 Jul 2019 22:42:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gK4mqop7DSLO6gH3a48Mzw%2FgxOIwR61BWL8jfwH6M4GscaPvwP38j6ka7%2BGPksT8NbltjoogZHkBb91f6BLn1wHxWVeLFEaCwxkG23kX%2FzSTmYPCa%2FnFoJHAF8nwG6Hk5xaSOsz9N8y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=9984600
accept-ranges: bytes
cf-ray: 83e30fe14b97fa4c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 145825
expires: Mon, 30 Dec 2024 14:02:45 GMT

GET
H2 200 number-4-png-5a368f85e6c2f7.3442950315135251259452.jpg
banner2.cleanpng.com/20171217/d24/ 26 KB
26 KB 76ms
22ms Image
image/jpeg 2606:4700:3038::6815:ebd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner2.cleanpng.com/20171217/d24/number-4-png-5a368f85e6c2f7.3442950315135251259452.jpg
Requested by: Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bb34f106186321a98292142b634f8d32682fbdab88326e75350b10f68885c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 297801
alt-svc: h3=":443"; ma=86400
content-length: 26558
last-modified: Sun, 17 Dec 2017 15:38:51 GMT
server: cloudflare
etag: "5a368f8b-67be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voQPlp3Sd%2B%2F7%2FpPBvSWJnsMlVTOr3QkPPa570XFGjoh0roP9nmsbfaVJwNFbGUm6VRTh%2Bb%2FIT4M7GZQrYXvzAJMvtzUxR6Xqte45Z%2B1tEoW8LEFXqa1%2BzfLFnFPqo%2BzoyeiD4kB4bhIaBg3b%2FO%2BWinyfuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 83e30fe148d0b73d-AMS
expires: Sun, 07 Jan 2024 03:17:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 108ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2398790697347443

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abd38f3c5cc292c4da9e94d725e4d76db24633635163ce85bad082cac4deaa6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
Origin: https://newyear2k24.jobfox.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51255
x-xss-protection: 0
server: cafe
etag: 418160590792955281
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 14:02:45 GMT

GET
H2 200 kiTarafSe.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS__ZY6tw8FC9167d1WPZ4wmJ-w16T--UK_Dk34BAuesCJk67tciPQZ8zsthIZ8Vtoq2mYZUupa5P352aBZnuYTT7esHXxuNe3aYjO5z2Eu2iMP000Wmbv77k-KyQqdXN2hmUKRCB4vp37EArl... 7 KB
7 KB 623ms
620ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS__ZY6tw8FC9167d1WPZ4wmJ-w16T--UK_Dk34BAuesCJk67tciPQZ8zsthIZ8Vtoq2mYZUupa5P352aBZnuYTT7esHXxuNe3aYjO5z2Eu2iMP000Wmbv77k-KyQqdXN2hmUKRCB4vp37EArlL16IZPPQS_xkxMRIWZrsKVpvB5eeYOvnmVCOrO9N/s783/kiTarafSe.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

89adb8d32551998ce8c2f95390c7c2fb620c943ee0637225c07c671b80abac44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "vf62"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kiTarafSe.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6658
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H/1.1 200
OK romantic-new-year-animation.gif
www.latestworldevents.com/wp-content/uploads/2022/08/ 137 KB
138 KB 1187ms
199ms Image
image/gif 66.96.147.102
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.latestworldevents.com/wp-content/uploads/2022/08/romantic-new-year-animation.gif
Requested by: Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.147.102 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 102.147.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 80b19e8fddd64160084812a2d8f429de277c09150b6779c07b8e281f0e4356a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 14:02:46 GMT
Last-Modified: Fri, 26 Aug 2022 17:53:31 GMT
Server: Apache/2
Age: 0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 140667
Expires: Mon, 29 Apr 2024 14:02:46 GMT

GET
H2 200 happy-new-year-2024-free-png.png
static.vecteezy.com/system/resources/previews/029/103/494/original/ 125 KB
126 KB 61ms
28ms Image
image/webp 2606:4700:4400::ac40:98e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.vecteezy.com/system/resources/previews/029/103/494/original/happy-new-year-2024-free-png.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:98e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dbb0a6cbfdff09a4c9274a1087f0f470e2883887dadd9dceb056061a82075a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-version-id: gFvmZppYuxrnFTxGtAdYB.a0U.KlzLJ3
cf-cache-status: HIT
strict-transport-security: max-age=15552000; preload
age: 38624
x-amz-cf-pop: FRA50-C1
cf-polished: origFmt=png, origSize=238815
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-disposition: inline; filename="happy-new-year-2024-free-png.webp"
alt-svc: h3=":443"; ma=86400
content-length: 128226
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Sep 2023 10:30:03 GMT
server: cloudflare
etag: "aeac15b44a69e1c14876051878e133a6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83e30fe11e8a5c7a-FRA
x-amz-cf-id: Ln20uYZmsTNTM3EUyEJAlgKQUBjhjcG2mtk5_3C2UhleDQcMctE2bg==
expires: Mon, 30 Dec 2024 14:02:45 GMT

GET
H2 200 2020under1.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFbX_jS0pP-0mg5N2fuvARaMqUtAfVHo4eCe7i1gz9YWK7xpo4dYvjsVL1GSUHgOQ1ZWeo2ZhIZ3vzk8ElLJloJK_mVZyswH_v3O3nycl-zNKKljS7zrWJMT9xUcLjNAVJr63H7N4IblhlHo5T... 140 KB
140 KB 398ms
397ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFbX_jS0pP-0mg5N2fuvARaMqUtAfVHo4eCe7i1gz9YWK7xpo4dYvjsVL1GSUHgOQ1ZWeo2ZhIZ3vzk8ElLJloJK_mVZyswH_v3O3nycl-zNKKljS7zrWJMT9xUcLjNAVJr63H7N4IblhlHo5T6gm5xWTmyQhO0bh8qGAK73EdnRKZ0HL6FV2X82cAfA/s1600/2020under1.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

badff9130ec8443d71d00c8d988bdba88525aeb7dffc954ab86d66c30a6f3205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v35d"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2020under1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143197
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2

200

wp.png
1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/
Redirect Chain

https://bit.ly/2VLMnaW
https://1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/wp.png

3 KB
3 KB

92ms
14ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/wp.png

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d19767ab10d4c5fbccf96d7d674a9fb967a3b63ee52eb2c26e99e8e9941b9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:31:08 GMT
x-content-type-options: nosniff
age: 9097
content-disposition: inline;filename="wp.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2696
x-xss-protection: 0
server: fife
etag: "v99a8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Jan 2024 11:31:08 GMT

Redirect headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-security-policy: referrer always;
referrer-policy: unsafe-url
via: 1.1 google
server: nginx
content-type: text/html; charset=utf-8
location: https://1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/wp.png
cache-control: private, max-age=90
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 67ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-191698403-1

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5f3659d53ade559f5f65a11fd2c0bf40aad70588c5d325d17166ece710514ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68993
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Dec 2023 14:02:45 GMT

GET
H3 200 cookienotice.js Show response
newyear2k24.jobfox.space/js/ 6 KB
2 KB 26ms
26ms Script
text/javascript 2606:4700:3034::6815:28f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyear2k24.jobfox.space/js/cookienotice.js

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:28f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 08:50:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 83e30fe0ea489972-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 07 Jan 2024 12:30:11 GMT

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/042b4bc6318d1c4bf2ede7bf3241b642/ 0
0 530ms
103ms Script
application/javascript 173.233.139.164
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topcreativeformat.com/042b4bc6318d1c4bf2ede7bf3241b642/invoke.js
Requested by: Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 31 Dec 2023 14:02:45 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 6SSp.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtGl9SyXqp8D5SHbyk_lprNacvhlWjIEavh0WpZzH6j7zvC7Spq0F7TbIzi3svj2M5QISUz8bMT6-9-JIVwaqDBEGmLTA_nHybuc03_oG13LHSgR2bHrlfPN7_vQV-DGL8P584hvyNeD1imh_Z... 201 KB
202 KB 200ms
200ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtGl9SyXqp8D5SHbyk_lprNacvhlWjIEavh0WpZzH6j7zvC7Spq0F7TbIzi3svj2M5QISUz8bMT6-9-JIVwaqDBEGmLTA_nHybuc03_oG13LHSgR2bHrlfPN7_vQV-DGL8P584hvyNeD1imh_ZVqsYxp-D2_asjxUFJmR8pI3KHOo5SL3g-zs59YZo2g/s1600/6SSp.gif

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v244"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6SSp.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206291
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
H2 200 namegif.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjGqc6-A53SIO8L6pfyXVNb4FrlV6zO8W4x6-paYIQA3pz8muBDEWJotwJ0idvTqSwkJFmsQW-c2cwu4KTYLfYI6xloxLHGpCEkeK8cEVGFvPKzKRYifZd615qaQh3QihubetzjGQGbghTscuF... 40 KB
40 KB 382ms
382ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjGqc6-A53SIO8L6pfyXVNb4FrlV6zO8W4x6-paYIQA3pz8muBDEWJotwJ0idvTqSwkJFmsQW-c2cwu4KTYLfYI6xloxLHGpCEkeK8cEVGFvPKzKRYifZd615qaQh3QihubetzjGQGbghTscuFqviNZYeGJfnDRryfsec8v-TS2WP8xqdVJZ6rQX-1DQ/s1600/namegif.gif

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b3990bb66c7c3e4d67538a6b7b405fe801bef3e91a7442975d733dc77a2a42eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v361"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="namegif.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41053
x-xss-protection: 0
expires: Mon, 01 Jan 2024 14:02:45 GMT

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET b.mp3
newyear.hindisahayata.com/2022/ 0
0

GET
H3

206

1S4nTTI2g1tIFITUGVAUajYAymlPw0247
doc-04-08-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/u0et32e4vlp9ipuo5psll4igoglrqlve/1704031350000/01286243603303583280/*/
Redirect Chain

https://drive.google.com/uc?export=download&id=1S4nTTI2g1tIFITUGVAUajYAymlPw0247
https://doc-04-08-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/u0et32e4vlp9ipuo5psll4igoglrqlve/1704031350000/01286243603303583280/*/1S4nTTI2g1tIFITUGVAUajYAymlPw0247?e...

112 KB
0

251ms
206ms

Media
audio/mpeg

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://doc-04-08-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/u0et32e4vlp9ipuo5psll4igoglrqlve/1704031350000/01286243603303583280/*/1S4nTTI2g1tIFITUGVAUajYAymlPw0247?e=download&uuid=7db36048-9e79-4841-93c6-4dc57945b08c

Requested by

Host: newyear2k24.jobfox.space
URL: https://newyear2k24.jobfox.space/

Protocol

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:46 GMT
x-content-type-options: nosniff
x-guploader-uploadid: ABPtcPop1f7_QJ-Akj2CpNQiVuOXtbxEAi5CD2-YjqK6NmRLHpJYhOL7GyL3l5Y6qhIt-PJ4Crc
Content-Range: bytes 0-453934/453935
content-disposition: attachment; filename="x2mate.com - Happy New year Wishing Script Free Download (128 kbps)-[AudioTrimmer.com].mp3"; filename*=UTF-8''x2mate.com%20-%20Happy%20New%20year%20Wishing%20Script%20Free%20Download%20%28128%20kbps%29-%5BAudioTrimmer.com%5D.mp3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 453935
last-modified: Fri, 01 Dec 2023 06:23:12 GMT
server: UploadServer
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
x-goog-hash: crc32c=pH27zQ==
cache-control: private, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, X-Google-EOM, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-353267353-bin, x-goog-ext-353267353-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-359275022-bin, x-goog-ext-328800237-jspb, x-goog-ext-202735639-bin, x-goog-ext-223435598-bin, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, x-goog-maps-api-salt, x-goog-maps-api-signature, x-goog-maps-client-id, X-Goog-Api-Key, x-goog-spanner-database-role, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Android-Cert, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-OidcIdToken, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token, x-rfui-request-context
expires: Sun, 31 Dec 2023 14:02:46 GMT

Redirect headers

date: Sun, 31 Dec 2023 14:02:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport, script-src 'report-sample' 'nonce-oWg4Gq1oYMPHIu6nv8n-9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-04-08-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/u0et32e4vlp9ipuo5psll4igoglrqlve/1704031350000/01286243603303583280/*/1S4nTTI2g1tIFITUGVAUajYAymlPw0247?e=download&uuid=7db36048-9e79-4841-93c6-4dc57945b08c
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 104ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2398790697347443&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ccc2b7c37fce3c4d69c5584a633606971576cfd0d1ead5eff4b54368a708a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137928
x-xss-protection: 0
server: cafe
etag: 12172233748528436709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 14:02:45 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 4B37 9 KB
4 KB 56ms
14ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2398790697347443&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Sun, 14 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC3C 10 KB
5 KB 95ms
95ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2398790697347443&output=html&adk=1812271804&adf=3025194257&lmt=1704023165&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewyear2k24.jobfox.space%2F%23&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704031365445&bpp=2&bdt=371&idt=197&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1549297402505&frm=20&pv=2&ga_vid=1374052067.1704031366&ga_sid=1704031366&ga_hid=1491403811&ga_fc=0&u_tz=60&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080103%2C42532523%2C44798934%2C95320884&oid=2&pvsid=27743298056044&tmod=2061234043&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

661ce22e92f3218dade442b6dd91d01ebb2e3d8211a2291e20f5007e79081340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4643
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 14:02:45 GMT
expires: Sun, 31 Dec 2023 14:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D26 720 B
528 B 92ms
91ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2398790697347443&output=html&h=280&slotname=6153211313&adk=2540909569&adf=3501923860&pi=t.ma~as.6153211313&w=450&fwrn=4&fwrnh=100&lmt=1704023165&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2k24.jobfox.space%2F%23&ea=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704031365447&bpp=2&bdt=372&idt=215&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1549297402505&frm=20&pv=1&ga_vid=1374052067.1704031366&ga_sid=1704031366&ga_hid=1491403811&ga_fc=0&u_tz=60&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080103%2C42532523%2C44798934%2C95320884&oid=2&pvsid=27743298056044&tmod=2061234043&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6301f927581931c755147880a69f444a768ee417470a3ca104b0b15315abfea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 14:02:45 GMT
expires: Sun, 31 Dec 2023 14:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 493E 720 B
532 B 85ms
85ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2398790697347443&output=html&h=280&slotname=6153211313&adk=2540909569&adf=330102155&pi=t.ma~as.6153211313&w=450&fwrn=4&fwrnh=100&lmt=1704023165&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2k24.jobfox.space%2F%23&ea=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704031365449&bpp=1&bdt=374&idt=220&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=1549297402505&frm=20&pv=1&ga_vid=1374052067.1704031366&ga_sid=1704031366&ga_hid=1491403811&ga_fc=0&u_tz=60&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080103%2C42532523%2C44798934%2C95320884&oid=2&pvsid=27743298056044&tmod=2061234043&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=222

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cfa909ad58dd1db94e4d3dc052f373637401630b1de2cde6bdd33de17fd7640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 14:02:45 GMT
expires: Sun, 31 Dec 2023 14:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-2398790697347443 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 81ms
41ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2398790697347443?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e264111503df6f7b81d9a10f13a71e320494b0b1654f9fcd6940ad8ec03023b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0AyYjGtRaNOHNMj7-MjZmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0AyYjGtRaNOHNMj7-MjZmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWAlyy0gDX2F-VgG3qh_mBg0I2V_OtdLLn4jPIAOl2JUSruJXYhCz_778Kn-n4C7l4_Rrj56AtjVuCUU8teMClnwLFzegBxVECUXbltlLucAyNtPm2JDUsvV8eXIFZuZAmaPyvEjg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWAlyy0gDX2F-VgG3qh_mBg0I2V_OtdLLn4jPIAOl2JUSruJXYhCz_778Kn-n4C7l4_Rrj56AtjVuCUU8teMClnwLFzegBxVECUXbltlLucAyNtPm2JDUsvV8eXIFZuZAmaPyvEjg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MDMxMzY1LDkxNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uZXd5ZWFyMmsyNC5qb2Jmb3guc3BhY2UvIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3df56cd8e42944f52a6535021a482a31df56f501abe2ac1221c445ac5b9e533f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ZslhjUwlyTLdA3X3wwxQOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ZslhjUwlyTLdA3X3wwxQOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QRW7FQB1GX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-191698403-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db91f68bcb838f952cbd756c64091a8266770176d80946250c36697ef508369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 31 Dec 2023 14:02:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-191698403-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 31 Dec 2023 13:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 868
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 31 Dec 2023 15:48:17 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
177 B 20ms
20ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QRW7FQB1GX&gtm=45je3bt0v9133801498&_p=1704031365921&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cid=1374052067.1704031366&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704031366&sct=1&seg=0&dl=https%3A%2F%2Fnewyear2k24.jobfox.space%2F&dt=!!%20%E0%A4%A8%E0%A4%B5%E0%A4%B0%E0%A5%8D%E0%A4%B7%20%E0%A4%95%E0%A5%80%20%E0%A4%B6%E0%A5%81%E0%A4%AD%E0%A4%95%E0%A4%BE%E0%A4%AE%E0%A4%A8%E0%A4%BE%E0%A4%AF%E0%A5%87%E0%A5%87%E0%A4%82%20!!&en=page_view&_fv=1&_ss=1&tfd=1267
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QRW7FQB1GX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 14:02:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyear2k24.jobfox.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 22ms
22ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1491403811&t=pageview&_s=1&dl=https%3A%2F%2Fnewyear2k24.jobfox.space%2F&ul=en-us&de=UTF-8&dt=!!%20%E0%A4%A8%E0%A4%B5%E0%A4%B0%E0%A5%8D%E0%A4%B7%20%E0%A4%95%E0%A5%80%20%E0%A4%B6%E0%A5%81%E0%A4%AD%E0%A4%95%E0%A4%BE%E0%A4%AE%E0%A4%A8%E0%A4%BE%E0%A4%AF%E0%A5%87%E0%A5%87%E0%A4%82%20!!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1818000252&gjid=1132098619&cid=1374052067.1704031366&tid=UA-191698403-1&_gid=1016942770.1704031366&_r=1&gtm=457e3bt0&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&jsscut=1&z=1471227426

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 14:02:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyear2k24.jobfox.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
63ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab5fbe0f82d3d6b84795693bc17a72ae8129008b64ab161a9073e7d872af6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12118
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 70ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 14:02:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA9F 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 187728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 09:53:58 GMT
expires: Sat, 28 Dec 2024 09:53:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C698 829 B
1 KB 91ms
35ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

783e93412cb36e679bee371016642fac70d5df1bf60e6e4bce0c2497094ba4d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rVrLgGis0OXgl4BRqhxkPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newyear2k24.jobfox.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rVrLgGis0OXgl4BRqhxkPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 14:02:46 GMT
expires: Sun, 31 Dec 2023 14:02:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FA9F 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 19:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Dec 2024 19:07:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C698 0
0 47ms
47ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=27743298056044&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 37ms
36ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.15180118364172

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5nhjk4nw8Q9sto5SO07HWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-5nhjk4nw8Q9sto5SO07HWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 29ms
29ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.11778333230344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-b-h0WO9GalE9tw8GNQe9Cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-b-h0WO9GalE9tw8GNQe9Cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
25ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sh_g2gpKXrrEUNTPZpmsVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-sh_g2gpKXrrEUNTPZpmsVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://newyear2k24.jobfox.space
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FA9F 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LriRsQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=27743298056044&bg=!Li2lLWLNAAY3kmNgF5I7ADQBe5WfOGZmPyNBndUW9jg87FjaHbxKVF4KwsoV0BrpfD4o6K-dYOIMHaFLX66A4KC3vSqiAgAAAPRSAAAAAmgBBwoAW9_3Doz8vLhPnPdHv6Szi8aNjGeiqI75qJloIWE9Gr-l_pa82yDJ61CwZXmTPwBx3uIGmEy7UbIbA_7VgYthUZDmtgeuzEzl3NjFsmmh2dRh2Sld3pcIQ7gPwpmZAv8fEvpuvQJwpXrtNfGVE3Zo6Jif9N2RQU25Sl9TAoGWE6I1LyCk-s2matQTBvYYDTRR1HQbjqy7g906mmQp5cLo6-U8hqHCPCxsC3VJ4MPjBJ2xYkrllvF4yXOxbSh6bauUq0JOJ_xINOezqC6-aUgLuLAc_T_uCaTAf-drfE-YCc3gTiYJjm7XXRt-V1vK4EJSa9nALg4E16lkRANbbKBriwF6RKKaeNrPPynDXrUUrBjM23yaln8e5uuh3T6_n4EemyLfMPcB0JhdATPt-hT8wpMlIq67LyuHd8Pj_ZclUA-rNmseT9IcBM6fG50c5qqt5kg34YY2pF1oXqyIzDn7rtFJoUbulYn-En7cH2J-tIFDVfR8R5dbtywK6zI5C_lGJQMKvzaw9njiVo7ciQLg4OPytfubcXC2yRGAHydQ6FCOIPybubH8C0mRdcWY2y27pETm_sdyov3ufUXvg5L2c0K1k5b820V4KNUEtnJgoZUpZFRggDI7YhsyhCqsq5xYntcgMLdly7-WCWzePWvIRQAEm2dTRbY-ROMel30_8k51Ixr6A5QvSCopSNoPF62GkQONFFmchlIaWrx2Uf1xV2IN7q60YHZCssMKRbbZPkqdKyKl3tXKkE5FfhdTAHhsZs-04fe41Vfto1juoIKNX-8Kd4_30Lab1pR6F-sEXfKaPfQcbh2J927odCZGBipx7GZ2UTdTOPrvj9ng8GHOs22jGwLlwJQ8SvV5rM_D727EYIgcGVzdTbjZq0L9pdrGBy10SAYvm2wQZepBplKYEak2ZSM3zc2Zp8tFJPvzwGdwAeY81wUKW-lK4V7Ttqw-BiokXNTCWZm4hVjoiXaU0fZCTIhIne3uChri4HEq1xjbQXMK2lgHuvTO3EQk8iIJQDMJi2jejg4OORBFLDPgv2fNUPPadOnQZvF6BbuN65wqFtagnn7p6rZl3-YdPIfj53KPX1NxecnAALVLQMyMxLuUcYAvlS5fDt90Cst-7c4ezU7dqfuShQlMQfAbjA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 annonse. Show response
fundingchoicesmessages.google.com/f/AGSKWxUe5EdqD8xCrU6aJru_v58XQa6s89gvyTZCMygee8SlLj-Gmj9WNh5SFgTj3ofVMp68D2mGjSSqLFjIAfDuWbKJIwrhyIkuzdYNAk8E25LeypkXbi7zRx8mm8wN0437-WkMRdK-UrclsfaoxergPCXHk7g5S... 54 B
108 B 28ms
28ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUe5EdqD8xCrU6aJru_v58XQa6s89gvyTZCMygee8SlLj-Gmj9WNh5SFgTj3ofVMp68D2mGjSSqLFjIAfDuWbKJIwrhyIkuzdYNAk8E25LeypkXbi7zRx8mm8wN0437-WkMRdK-UrclsfaoxergPCXHk7g5SiZEw5CakDSUDZfkfwqaAmz5h5p2P1kk/_/flashads./banner/ad./ad/timing./txt_ad./annonse.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73a34e804043d1522b16d37873d65b6f5b5d0a4f52936d135b0dbbf3fecf3b26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EfW--HAibvttOdD0ft98AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-EfW--HAibvttOdD0ft98AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 13:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 14:49:17 GMT

POST
H3 204 AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
26ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OdRx6ZAlVr2e9xntVVPgMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OdRx6ZAlVr2e9xntVVPgMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://newyear2k24.jobfox.space
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
26ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qQlcitUqYsb5UFOrRKjmzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-qQlcitUqYsb5UFOrRKjmzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://newyear2k24.jobfox.space
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
37ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-109hE40jk-CvFLcALIFyRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-109hE40jk-CvFLcALIFyRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://newyear2k24.jobfox.space
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
35ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0C545c4wohbK7EeYIRMhsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-0C545c4wohbK7EeYIRMhsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://newyear2k24.jobfox.space
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUEjdub7_cVURi4_rO99V06g7sFEnl4FaaxrMB9WEVm4TK5uxpJW4jg3CwF8mNqcTRY_Poc78py-TvfJBE4ObzjjU_ItcLN59o5bz7kwYEmK6YDFrabxLWthhje1AYFDkfv671TSg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUEjdub7_cVURi4_rO99V06g7sFEnl4FaaxrMB9WEVm4TK5uxpJW4jg3CwF8mNqcTRY_Poc78py-TvfJBE4ObzjjU_ItcLN59o5bz7kwYEmK6YDFrabxLWthhje1AYFDkfv671TSg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MDMxMzY3LDk0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbmV3eWVhcjJrMjQuam9iZm94LnNwYWNlLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72bd7722bee996a3d8d9f2ab641f5254037490e5531e483005aef238aaf0cde2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FrP16wghY8ySjsvED596mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FrP16wghY8ySjsvED596mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVr5k9enh53qUcrKDqqfTy-N6ffqNoGo4NUFnrljGRGJaI7M6zBERuUfnBK6uAMiNy29f4pdvTWfhJv0TPIXc3lCUX1Ux0BjyeooSnWs_BSR0R-BNvwdPCUmxRIUCXTm5CewrOH8g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVr5k9enh53qUcrKDqqfTy-N6ffqNoGo4NUFnrljGRGJaI7M6zBERuUfnBK6uAMiNy29f4pdvTWfhJv0TPIXc3lCUX1Ux0BjyeooSnWs_BSR0R-BNvwdPCUmxRIUCXTm5CewrOH8g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MDMxMzY3LDk5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9uZXd5ZWFyMmsyNC5qb2Jmb3guc3BhY2UvIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efc46f96bac834e3eed7ee3d0f40cc593c59097b235c10d9a864edd3abde0bad

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-c36QUAmDGt4oRF2fl1s4tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyear2k24.jobfox.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 14:02:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-c36QUAmDGt4oRF2fl1s4tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXA-Ae5QnONTHBsVKx74TVrN2x4vcwJW0BZ3zpnRxmxAZNche8B-gzTivSjFSlQlrwXnJ0tZVESXO15dCznIILjGMm5jH6GJlDKVgvr62qWm-VTi6cisAkDCbB5oE-hWvXlGOoeqg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
25ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXA-Ae5QnONTHBsVKx74TVrN2x4vcwJW0BZ3zpnRxmxAZNche8B-gzTivSjFSlQlrwXnJ0tZVESXO15dCznIILjGMm5jH6GJlDKVgvr62qWm-VTi6cisAkDCbB5oE-hWvXlGOoeqg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aVAnLwlXxLLVgrYDd3rH7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Dec 2023 14:02:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aVAnLwlXxLLVgrYDd3rH7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://newyear2k24.jobfox.space
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
36ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJCz_GCPMa5ywMxUADvDURiBh0OAtni4LDaI6f-qIFLvq5ydUnPKlOqNtbD-Dd5KMabftVU6v-5Aol1nARWpd-PudlZrVFK3UjsRfBECVZR-bJdEdV8K9S8WD3smIX3PdWfqvHug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8FhzUaG6HR5STncoKPdGiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newyear2k24.jobfox.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Dec 2023 14:02:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8FhzUaG6HR5STncoKPdGiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://newyear2k24.jobfox.space
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newyear.hindisahayata.com
URL: https://newyear.hindisahayata.com/2022/b.mp3

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vecteezy.com/	1970-01-20 17:20:33	Name: __cf_bm Value: UgrJ31fSeh7.u211YbqONsZZ43IdgMWbLNfB4_TTGEw-1704031365-1-AR5hQmmimWadSV7U+/jHZegwLTE5gm1owsvPDiblvvy0m+0zvRkhuf7HKYVTLnsVf4T/bj16EyYQZmFLgHe5lM4=
.doubleclick.net/	1970-01-20 17:20:32	Name: test_cookie Value: CheckForPermission
.jobfox.space/	1970-01-21 02:42:07	Name: __gads Value: ID=2f64e082f94fdc5b:T=1704031365:RT=1704031365:S=ALNI_MY7t9gCSwHjTy_ICjwpj7bLXa3tXQ
.jobfox.space/	1970-01-21 02:42:07	Name: __gpi Value: UID=00000ceb180ecda5:T=1704031365:RT=1704031365:S=ALNI_MY-Kx8wSOwp_nq9MsO1xTAC57FHmg
.jobfox.space/	1970-01-21 02:56:31	Name: _ga_QRW7FQB1GX Value: GS1.1.1704031366.1.0.1704031366.0.0.0
.jobfox.space/	1970-01-21 02:56:31	Name: _ga Value: GA1.2.1374052067.1704031366
.jobfox.space/	1970-01-20 17:21:57	Name: _gid Value: GA1.2.1016942770.1704031366
.jobfox.space/	1970-01-20 17:20:31	Name: _gat_gtag_UA_191698403_1 Value: 1
.jobfox.space/	1970-01-21 02:06:07	Name: FCNEC Value: %5B%5B%22AKsRol93YwvPLMBl8IfKW6pbFIYRDg1kYsQVuW_ilb-GffpBnKKx2wPLR2K8ZTT5g2AuZ-ce91DWNhlA600zBOrS-YlR6CsozugetQFFxTozp9QYvKvooqX5-RYiCPQcprpN1sIjCHgX3NqiH-1YBSy1DJ7GUmbU8w%3D%3D%22%5D%5D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newyear2k24.jobfox.space/@@@@@@@@@@@@.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://newyear2k24.jobfox.space/# Message: Refused to execute script from 'https://newyear2k24.jobfox.space/@@@@@@@@@@@@.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
javascript	warning	URL: https://newyear2k24.jobfox.space/(Line 810) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/042b4bc6318d1c4bf2ede7bf3241b642/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://newyear2k24.jobfox.space/(Line 810) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/042b4bc6318d1c4bf2ede7bf3241b642/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://newyear.hindisahayata.com/2022/b.mp3 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.topcreativeformat.com/042b4bc6318d1c4bf2ede7bf3241b642/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.googleapis.com
banner2.cleanpng.com
bit.ly
blogger.googleusercontent.com
cdnjs.cloudflare.com
click-it.me
doc-04-08-docs.googleusercontent.com
drive.google.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
newyear.hindisahayata.com
newyear2k24.jobfox.space
pagead2.googlesyndication.com
static.vecteezy.com
toppng.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.latestworldevents.com
www.topcreativeformat.com
newyear.hindisahayata.com
173.233.139.164
2606:4700:3030::ac43:814c
2606:4700:3034::6815:28f
2606:4700:3038::6815:e99d
2606:4700:3038::6815:ebd0
2606:4700:4400::ac40:98e0
2606:4700::6811:180e
2a00:1450:4001:800::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a06:98c1:3121::3
66.96.147.102
67.199.248.10
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
24b314b1686b78bc15a623728c058476e3d40e4f3fd4f511d1bf0503a48a6877
256b0e54003f0c1a887b71a9e8554736194c0fbef3e9ba30e41eef3e75659318
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
39a02f27ea1425ac7f63aaa75c75a68ac10946afb1117db732203ac003b2cc2e
3b5147b3b60a785aed44d4b17d93013bcdfdf02cf071cda79c6f4c25e7a7cdad
3df56cd8e42944f52a6535021a482a31df56f501abe2ac1221c445ac5b9e533f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5691a5f723d91077260a605e29da56c0b021b785e3fc8c4f135161f7a2153687
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
661ce22e92f3218dade442b6dd91d01ebb2e3d8211a2291e20f5007e79081340
6a421361ec7292bdf40357992e78e45569bde3b9c71a9eb0e6eeddd483baf8a6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6cfa909ad58dd1db94e4d3dc052f373637401630b1de2cde6bdd33de17fd7640
6d19767ab10d4c5fbccf96d7d674a9fb967a3b63ee52eb2c26e99e8e9941b9f1
72bd7722bee996a3d8d9f2ab641f5254037490e5531e483005aef238aaf0cde2
73a34e804043d1522b16d37873d65b6f5b5d0a4f52936d135b0dbbf3fecf3b26
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
783e93412cb36e679bee371016642fac70d5df1bf60e6e4bce0c2497094ba4d6
7bb34f106186321a98292142b634f8d32682fbdab88326e75350b10f68885c68
7e264111503df6f7b81d9a10f13a71e320494b0b1654f9fcd6940ad8ec03023b
80b19e8fddd64160084812a2d8f429de277c09150b6779c07b8e281f0e4356a9
88509d73cf7a5f6a3a29da5299861b96db5451535f904d36f2d99d1888aaf42f
89adb8d32551998ce8c2f95390c7c2fb620c943ee0637225c07c671b80abac44
8af3b84a5828f44624c38a2ecd7bc4035c5eb012db28cda287abc084119a01a3
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9c71553c549f3818d8aa75cf93a9f4dc382e4fee8c2c1cebb3a18d43c314f60b
9fa1d5e1716ecce83b163e7d1bf7317f89b925fa6b83e15f76e58f68c26d835f
a23997e184900307a38fe3ba9881d67aa460815d3b6d72d48f1287d0ad7a7cd6
ab5fbe0f82d3d6b84795693bc17a72ae8129008b64ab161a9073e7d872af6f05
abd38f3c5cc292c4da9e94d725e4d76db24633635163ce85bad082cac4deaa6c
ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2
b3990bb66c7c3e4d67538a6b7b405fe801bef3e91a7442975d733dc77a2a42eb
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b7dbb0a6cbfdff09a4c9274a1087f0f470e2883887dadd9dceb056061a82075a
badff9130ec8443d71d00c8d988bdba88525aeb7dffc954ab86d66c30a6f3205
bc292fa10a6a49d665d0d563a66a4a30fd6d1c611728657476ee83abe2f5165e
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c5f3659d53ade559f5f65a11fd2c0bf40aad70588c5d325d17166ece710514ed
ce0f2d70d1c8186913dc30935561e7a18e5317d2c117c3245f63507267089f66
d1e7e5a0cd52fe5f3e1dc69d858594d47d4ef227c24cbb81ce22585e00550b27
d32efacc869329b37e75d515507ec6639c20ed1c953b43ad56a5b36054239ad4
d6301f927581931c755147880a69f444a768ee417470a3ca104b0b15315abfea
db91f68bcb838f952cbd756c64091a8266770176d80946250c36697ef508369d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d309386e64dacedc265e5fdcf428a7f65e818fcbe30f9ad013b4d7154000bd
efc46f96bac834e3eed7ee3d0f40cc593c59097b235c10d9a864edd3abde0bad
f8ccc2b7c37fce3c4d69c5584a633606971576cfd0d1ead5eff4b54368a708a6

newyear2k24.jobfox.space Open in urlscan Pro 2606:4700:3034::6815:28f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

94 %HTTPS

86 %IPv6

18 Domains

23 Subdomains

20 IPs

2 Countries

1716 kBTransfer

2956 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

newyear2k24.jobfox.space Open in urlscan Pro
2606:4700:3034::6815:28f Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

94 %
HTTPS

86 %
IPv6

18
Domains

23
Subdomains

20
IPs

2
Countries

1716 kB
Transfer

2956 kB
Size

9
Cookies

66 HTTP transactions
3 data transactions